commit dbe61853550a2ff07122fa0d022b1bb9fd8e4bb7
parent 41e28987eba01dadfe9aea7ce8a122c22ef77c58
Author: Christian Grothoff <christian@grothoff.org>
Date: Sun, 5 Mar 2023 12:58:00 +0100
fix libeufin setup
Diffstat:
2 files changed, 79 insertions(+), 48 deletions(-)
diff --git a/netzbon/config_launch_libeufin.sh b/netzbon/config_launch_libeufin.sh
@@ -16,6 +16,7 @@
# - SANDBOX_EXCHANGE_PASSWORD: password of the exchange
# bank account hosted at Sandbox. The related
# username is: exchange-at-sandbox
+# - BANK_NAME: human-readable name for the bank
#
# OUTPUTS:
#
@@ -29,6 +30,25 @@ source functions.sh
source config/user.conf
source config/internal.conf
+if test -z ${BANK_NAME:-}
+then
+ say "Error: config/user.conf does not specify BANK_NAME"
+ exit 1
+fi
+if test -z ${DOMAIN_NAME:-}
+then
+ say "Error: config/user.conf does not specify DOMAIN_NAME"
+ exit 1
+fi
+if test -z ${SANDBOX_ADMIN_PASSWORD:-}
+then
+ say "Error: config/user.conf does not specify SANDBOX_ADMIN_PASSWORD"
+ exit 1
+fi
+
+# TODO: add sanity-checks for presence of other required env-vars
+
+
say "Setting up libeufin"
# EBICS parameters that must match but are only used internally.
@@ -75,7 +95,7 @@ echo "LIBEUFIN_SANDBOX_ADMIN_PASSWORD=\"${SANDBOX_ADMIN_PASSWORD}\"" >> /etc/lib
SANDBOX_URL="http://localhost:${LIBEUFIN_SANDBOX_PORT}/"
-echo -n "Configure the default demobank with ${CURRENCY}..."
+say "Configure the default demobank with ${CURRENCY}..."
MY_DIR=$PWD
# Go to directory valid for other users.
@@ -88,40 +108,40 @@ libeufin-sandbox config \
--without-signup-bonus \
--currency ${CURRENCY} \
default
-echo "DONE"
-echo -n "Start the bank..."
+say "DONE"
+say "Start the bank..."
systemctl enable --now libeufin-sandbox
-echo "DONE"
-echo -n "Waiting for sandbox..."
+say "DONE"
+say "Waiting for sandbox..."
curl --max-time 2 \
--retry-connrefused \
--retry-delay 1 \
--retry 10 \
${SANDBOX_URL} &> /dev/null
-echo "DONE"
+say "DONE"
-echo -n "Make one superuser at Nexus..."
+say "Make one superuser at Nexus..."
sudo -E -u libeufin-nexus libeufin-nexus superuser \
${LIBEUFIN_NEXUS_USERNAME} \
--password $NEXUS_EXCHANGE_PASSWORD
-echo "DONE"
-echo -n "Launching Nexus..."
+say "DONE"
+say "Launching Nexus..."
systemctl enable --now libeufin-nexus
-echo "DONE"
-echo -n "Waiting for Nexus..."
+say "DONE"
+say "Waiting for Nexus..."
curl --max-time 2 \
--retry-connrefused \
--retry-delay 1 \
--retry 10 \
${LIBEUFIN_NEXUS_URL} &> /dev/null
-echo "DONE"
+say "DONE"
-echo -n "Register the exchange Sandbox account..."
+say "Register the exchange Sandbox account..."
export LIBEUFIN_SANDBOX_USERNAME="exchange-at-sandbox"
export LIBEUFIN_SANDBOX_PASSWORD="${SANDBOX_EXCHANGE_PASSWORD}"
# Succeed also if the account already exists...
@@ -131,13 +151,13 @@ export LIBEUFIN_SANDBOX_PASSWORD="${SANDBOX_EXCHANGE_PASSWORD}"
libeufin-cli \
sandbox --sandbox-url ${SANDBOX_URL} \
demobank register || true
-echo "DONE"
+say "DONE"
-echo -n "Getting the exchange IBAN and Payto URI..."
+say "Getting the exchange IBAN and Payto URI..."
EXCHANGE_DETAILS=$(libeufin-cli \
sandbox --sandbox-url ${SANDBOX_URL} \
demobank info --bank-account ${LIBEUFIN_SANDBOX_USERNAME})
-echo "DONE"
+say "DONE"
EXCHANGE_IBAN=$(echo $EXCHANGE_DETAILS | jq -r .iban)
EXCHANGE_PAYTO=$(echo $EXCHANGE_DETAILS | jq -r .paytoUri)
@@ -149,22 +169,22 @@ export EXCHANGE_PAYTO
echo "EXCHANGE_IBAN=\"${EXCHANGE_IBAN}\"" >> ${MY_DIR}/config/internal.conf
echo "EXCHANGE_PAYTO=\"${EXCHANGE_PAYTO}\"" >> ${MY_DIR}/config/internal.conf
-echo -n "Setting the default exchange at Sandbox..."
+say "Setting the default exchange at Sandbox..."
libeufin-sandbox default-exchange "https://exchange.$DOMAIN_NAME/" $EXCHANGE_PAYTO
-echo "DONE"
+say "DONE"
export LIBEUFIN_SANDBOX_USERNAME="admin"
export LIBEUFIN_SANDBOX_PASSWORD=$SANDBOX_ADMIN_PASSWORD
-echo -n "Create EBICS host at Sandbox..."
+say "Create EBICS host at Sandbox..."
# Continue on failure, request is not idempotent...
# FIXME-MS: might be nicer to delete existing host first.
libeufin-cli sandbox \
--sandbox-url ${SANDBOX_URL} \
ebicshost create --host-id ${EBICS_HOST_ID} || true
-echo "OK"
+say "OK"
-echo -n "Create exchange EBICS subscriber at Sandbox..."
+say "Create exchange EBICS subscriber at Sandbox..."
# Continue on failure, request is not idempotent...
# FIXME-MS: might be nicer to delete existing host first.
libeufin-cli sandbox \
@@ -174,10 +194,10 @@ libeufin-cli sandbox \
--user-id ${EBICS_USER_ID} \
--partner-id ${EBICS_PARTNER_ID} \
--bank-account ${LIBEUFIN_SANDBOX_USERNAME} || true
-echo "OK"
+say "OK"
-echo -n "Creating the EBICS connection at Nexus..."
+say "Creating the EBICS connection at Nexus..."
# Continue on failure, request is not idempotent...
# FIXME-MS: might be nicer to delete existing host first.
libeufin-cli connections new-ebics-connection \
@@ -186,17 +206,17 @@ libeufin-cli connections new-ebics-connection \
--partner-id ${EBICS_PARTNER_ID} \
--ebics-user-id ${EBICS_USER_ID} \
${EBICS_CONNECTION_NAME} || true
-echo "DONE"
+say "DONE"
-echo -n "Setup EBICS keying..."
+say "Setup EBICS keying..."
libeufin-cli connections connect ${EBICS_CONNECTION_NAME} > /dev/null
-echo "OK"
+say "OK"
-echo -n "Download bank account name from Sandbox..."
+say "Download bank account name from Sandbox..."
libeufin-cli connections download-bank-accounts ${EBICS_CONNECTION_NAME}
-echo "OK"
+say "OK"
-echo -n "Importing bank account info into Nexus..."
+say "Importing bank account info into Nexus..."
# Continue on failure, request is not idempotent...
# FIXME-MS: might be nicer to delete existing connection first.
libeufin-cli connections import-bank-account \
@@ -205,7 +225,7 @@ libeufin-cli connections import-bank-account \
${EBICS_CONNECTION_NAME} || true
echo "OK"
-echo -n "Create the Taler facade at Nexus..."
+say "Create the Taler facade at Nexus..."
# Continue on failure, request is not idempotent...
# FIXME-MS: might be nicer to delete existing facade first.
libeufin-cli facades \
@@ -213,12 +233,12 @@ libeufin-cli facades \
--currency $CURRENCY \
--facade-name ${LIBEUFIN_TALER_FACADE} \
${EBICS_CONNECTION_NAME} ${LIBEUFIN_NEXUS_USERNAME} || true
-echo "OK"
+say "OK"
export WIRE_GATEWAY_URL="${LIBEUFIN_NEXUS_URL}/facades/${LIBEUFIN_TALER_FACADE}/taler-wire-gateway/"
echo "WIRE_GATEWAY_URL=\"${WIRE_GATEWAY_URL}\"" >> ${MY_DIR}/config/internal.conf
-echo -n "Configuring the background jobs to submit/get transactions..."
+say "Configuring the background jobs to submit/get transactions..."
# Tries every second.
# Not idempotent, FIXME #7739
libeufin-cli accounts task-schedule \
@@ -226,10 +246,10 @@ libeufin-cli accounts task-schedule \
--task-name exchange-payments \
--task-cronspec "* * *" \
exchange-at-nexus || true
-echo OK
+say "OK"
# Tries every second. Ask C52
-echo -n Setup history fetch task..
+say "Setup history fetch task.."
# Not idempotent, FIXME #7739
libeufin-cli accounts task-schedule \
--task-type fetch \
@@ -238,4 +258,14 @@ libeufin-cli accounts task-schedule \
--task-param-level report \
--task-param-range-type latest \
exchange-at-nexus || true
-echo OK
+say "OK"
+
+
+say "Setting up SPA configuration..."
+
+cat /usr/share/libeufin/demobank-ui/demobank-ui-settings.js \
+ | sed -e "s/localhost/bank.${DOMAIN_NAME}/g" \
+ | sed -e "s/Taler Bank/${BANK_NAME}/g" \
+ > /etc/libeufin/demobank-ui-settings.js;
+
+say "DONE"
diff --git a/netzbon/main.sh b/netzbon/main.sh
@@ -28,6 +28,11 @@ then
read -p "Enter the name of the currency (e.g. 'EUR'): " CURRENCY
echo "CURRENCY=${CURRENCY}" >> config/user.conf
fi
+if test -z "${BANK_NAME:-}"
+then
+ read -p "Enter the human-readable name of the bank (e.g. 'Taler Bank'): " BANK_NAME
+ echo "BANK_NAME=${BANK_NAME}" >> config/user.conf
+fi
if test -z "${ENABLE_TLS:-}"
then
read -p "Use TLS? (y/n): " ENABLE_TLS
@@ -84,28 +89,24 @@ then
echo "SANDBOX_EXCHANGE_PASSWORD=${SANDBOX_EXCHANGE_PASSWORD}" >> config/internal.conf
fi
-# ENABLE MERCHANT & EXCHANGE
-# FIXME: these should have been done by the Debian
-# packages!
-# create_users
-# assign_user_permissions
-
-# ENABLE LIBEUFIN
-
-# Please take into account if something fails in this section, the NGINX configuration won't be created.
-# Recall all the scripts have the set -eu header.
-
. config_launch_libeufin.sh
-
. config_nginx.sh
. setup-exchange.sh
. setup-merchant.sh
# Final message to the user
+if test ${ENABLE_TLS:-} == "y"
+then
+ PROTO="https"
+else
+ PROTO="http"
+fi
say "Congratulations, you have successfully installed GNU Taler"
-say "Please check your browser now at http://localhost:80"
+say "Your bank is at ${PROTO}://bank.${DOMAIN_NAME}/"
+say "A merchant is at ${PROTO}://backend.${DOMAIN_NAME}/"
+say "You should set credentials for the merchant soon."
exit 0
# END INSTALLATION
